Thank you for visiting Cyber Matters. In this blog we aim to discuss issues relating to cyber security in brief articles that don’t get carried away with too much technical detail.
We operate in an industry in which a lot of overhyped nonsense is discussed, alongside some really important issues. In Cyber Matters we aim to cut through this and get straight to the point in an easy-to-understand way. Our bloggers are free to talk about any area relating to Cyber Security, Computer Security, Information Security or whatever term you prefer to use.
We welcome your views – please contribute to the discussion by way of comments on our articles.
- Secure Delivery of a Payload via a Protocol Break
- How do you engage your staff with information security?
- No, Shellshock does not defeat SELinux
- Yet Another Shellshock Article
- UK Public Procurement Policy Note 09/14
- No, Shellshock does not defeat SELinux - A week is a long time in Cyber Security. These past few weeks you may have heard about the latest ‘big vulnerability’, dubbed ShellShock. If you haven’t, or want more information on it, I direct you to the best authority I know: Wikipedia. You may have seen discussion threads like this one online, where one […]
- UK Public Procurement Policy Note 09/14 - Now that’s a catchy headline to get your attention! What does it mean, and why blog about it on Cyber Matters? In short, the policy note published by the Cabinet Office today (Sept 26 2014) says that from October 1st, the Cyber Essentials Scheme is mandatory: Government is widely encouraging its adoption and is making it […]
- Diodes are Diodes, Guards are Guards - Over the last 3-5 years Data Diodes have grown in popularity as a solution for moving data between isolated networks. With this has come creative marketing to leverage the term ‘Diode’ for solutions that are anything but. Let’s just take a few moments to revise some of the fundamental modes of secure information exchange. Protecting […]
- Changing 40+ Passwords: Thanks Heartbleed - Following the Heartbleed revelations, the security advice from the great and good was to change all passwords. To support World Password Day, I changed over 40 of them – quite an interesting exercise. Alarmingly, it appears I am still vulnerable. To tell the story of why I am still vulnerable, this blog is split into three parts: […]
- A Brief Introduction into Threat Analysis - The purpose of this blog piece is to introduce the concept of threat analysis, what it is and why it’s a good idea, while at the same time presenting a simple and effective way to try it yourself. It is part of a blog series on the development approach at Nexor. It is now an […]
- What is the difference between a Guard and a Gateway? - Guards and gateways are full application layer proxies that connect to two or more networks. They accept data passed on an inbound network interface, ‘process it’, and then pass data to the outbound network interface. The difference between the two is in the ‘process it’ step. Guards A Guard will inspect the application level data […]
- Prehistory of LDAP - It all started in the basement of the Computer Science department of University College London in about 1988. I was working alongside Paul Sharpe, then of GEC, who was working on user agents on the Thorn project. At the time I was implementing DISH – a directory user agent for the Quipu X.500 directory. Paul showed […]